I have a custom filter profile setup that has a list of about 40 sites in the trusted list. I've checked the "Only allow sites in the trusted list" box and enabled the custom filter.
The filter works as expected, with a massive exception: Any site requested via HTTPS is allowed. So, for example, even though I do not have google.com on the list, it loads because it defaults to https. Every other https site I checked loads, even sites where the standard http version does not.
Firmware is current- I flashed it up today.
Am I missing something or is this a bug?
↧
Content filtering on USG100
↧
Zywall110, How to block Bittorrent/P2P?
Hello,
How do I block Bittorrent/P2P? I have Zywall110.. I googled and couldn't find anything.
Thanks
--
http://www.RestartYourComputer.net
↧
↧
usg 50 l2tp vpn to windows 7 connection issue
i can't get passed the 'Verifying username and password' dialog. I get a windows error 718 (vpn server not responding)
i see the following error in the usg50 log. but i don't know what's causing it, or how to correct it.
error
IPSec
SPI: 0xfd578b9d (4250373021) SEQ: 0x1 (1) No rule found, Dropping ESP/NAT-T packet
any ideas?
↧
Zyxel USG Site To Site VPNs and Shoretel
Shoretel phones are not communicating with HQ's to make calls between sites. The vendor who setup the Shoretel system said the Zyxel's are not able to route the packets properly. I have contacted Zyxel and they do not see any problem with the configuration. Zyxel did a test VPN with me and had me ping a few ip addresses through the tunnel. Everything worked as expected. The Shoretel vendor said just because ping works does not mean it will pass all the required services across the VPN tunnel. Two things that I am thinking are either SIP traffic is not passing correctly or UDP packets are getting lost. Any help would be greatly appreciated.
↧
USG200 and high cpu usage when using IDP
Hi, I have a USG200 and with Comcast updating to 120mb, I have found that my USG200 can handle only up to 71mb when IDP is enabled and on heavy download the cpu hoover around 96%.
If I disable IDP then it can get to the 120mb download speed.
Does anybody has that problem ?
Thanks.
↧
↧
ZW110 new firmware
Zyxel posted a new 4.10 firmware for the Zywall 110.
Have not looked at it yet but it can be found here: ftp://ftp.zyxel.com/ZyWALL_110/firmware
↧
problem VPN between USG 300 and USG 100
Hi everybody,
I've been getting crazy to configure this ipsec connection. Both side have fixed IP and both firewall have their interface configured with pubblic IP. It should have been so flwless but it's not been...
I keep getting this error in the logs:
Tunnel [COLA-VPN] Sending IKE request source 77.xx.xx.xx:500 destination 95.xx.xx.xx:500
Send Main Mode request to [95.xx.xx.xx]
Send:[SA][VID]
IKE Packet Retransmit [count=4]
ISAKMP SA [COLA-GW] is disconnected
Hope someone can help!
Thanks in advance
↧
Requesting info for Zyxel USG60 specs (cpu-ram)
Hello from Greece.
I am a frequent reader of your forums and i decided to join to post a question.
I am planning to buy a Zywall 110 or 60 for a small company with 20 users and 6 ipsec vpn connections from the outside partners.
I initially thought of the 110 model (we don't require UTM features) but I found also the USG60 model has some really good specs (1Gbs firewall, 180 Mbps VPN, max 20 ipsec tunnels) and with better pricing.
I wonder since some of you already have that model could you post cpu and ram tech specs?
Thanks in advance
↧
4G Wireless Card for ZyWall 35?
My old ZyWall 35 is still chugging along and I would like to add wireless support. I have only a few Gb wired and "n" wireless devices and so wouldn't get much bang for the buck by replacing the ZyWall to add wireless to the router (using equally old things like old bridged AirPort Express and Linksys WRT54g for wireless now).
Due to the age of the ZyWall, haven't had any luck finding compatible 4G cards. I'm a Verizon subscriber and do have 4G coverage. Can anyone point me in the right direction?
Is it correct that load balancing only affects WAN1 and WAN2 where WAN2 may be a second wired WAN port or a wireless card? If I have two wired WAN ports and a wireless card, I can only load balance the wired ports?
↧
↧
2-Zywall USG 20W attempting site to site vpn
Hi all
Not even sure if the equipment I purchased will do what I want. I have limited routing knowledge and have been searching this forum for two days. I think I am close thanks to all the post on this forum but it is still not working.
I am trying to connect my shop with my warehouse by using the two Zywall routers and a site to site vpn. I need to connect from the warehouse to the shop and access network shares, printers, etc. I have been able to connect 20W's behind the Centurylink modem/routers by setting them to transparent bridging and setting a pppoe account in the 20W's. Now the 20W's are routing for the modem/routers. So both locations have internet access. I can ping the router at the shop's wan ip from warehouse and warehouse wan ip from shop. I used the quick setup to create vpn and thought I would be good to go. When I try to connect to shop from warehouse it says dialing then just times out.
All of my firewalls are turned off on computers and routers. I have set a routing policy based on a Brano's post. http://www.dslreports.com/forum/r29449129-Zyxel-USG-Site-To-Site-VPNs-and-Shoretel
I have pics of my settings didn't think it was right to post unless asked for.
Any help would be greatly appreciated. Also if you know anyone in the Phoenix area that installs these I would be willing to give them a call.
Thanks
↧
Zywall USG 20 - Can P2-P5 work like WAN
Hi,
I currently have 1 WAN port that I use for external internet.
And in P2 I have a computer that is using LAN1 that can access the internet through the WAN port.
Now I want to connect our internal network (10.15.10.1) to P3. I want the firewall to get IP from our internal networks DHCP (range 10.15.10.100 - 10.15.10.150). Is that possible?
Is it possible to let the firewall be registered as a device in my internal network?
I have tried assigning P3 to LAN2 and giving LAN2 IP 10.15.10.115. But when I ping that IP from a internal computer it does not respond. But when I ping it from the computer connected to P2 (LAN1) it responds to ping.
Do I need an additional WAN port or can this be configured?
Regards,
Adam
↧
Any way to turn Zyxel PK5001Z CenturyLink DSL modem into WiFi access point?
Hey everyone.
I have a Zyxel PK5001Z DSL modem from CenturyLink lying around. There's a part of my house that has spotty WiFi coverage, so I decided to see if I could turn this modem into an AP. That part of the house has Ethernet, so what I want to do is plug an Ethernet cable into the Zyxel and have it broadcast a WiFi signal into the part of my house that has spotty WiFi from my main router.
The trouble is, the firmware on the Zyxel doesn't support it.
I read on a different forum that LAN and WAN ports kinda act the same inside the router. If you want to use it in AP mode, like I do, they can act the same. So I shouldn't have any issues seeing that the modem doesn't have a WAN port (just a DSL phone line jack).
So I was thinking that I could install something like DD-WRT or OpenWRT. However, from what I've read, neither of these support this modem.
I also read on a different forum that since Zyxel makes different products, it would be possible to flash a different firmware, from a Zyxel product that has AP capability, on to this one. Then I could use this one as an AP.
Any help with doing any of this would be appreciated. If I didn't clarify some things enough, sorry, please ask for clarification and I'll do my best.
Thanks in advance.
↧
ZyXEL 2 Plus
I input my Static IP Address but having a challenge with my Static DNS entries. I put them in the Advance/DNS Area but the desktops are picking up the default local gateway as DNS.
↧
↧
ZyXel Zywall USG 50
I have to ask some stupid questions because 1. I am stupid. 2. I have never used a real router that had to actually be set up.
I just replaced a Netgear home router at work with the ZYXEL USG 50 and because that wasn't enough I added a wireless AP to it so my techs can use their laptops in the building without connecting to the expensive connections through the wireless company. Now you have that story I can start with the stupid questions.
What are the PORTS on the front (besides connecting to the switches). DMZ? LAN1 Lan2? Why are they switchable?
I have a Dell T110 Server set up already Windows Server essentials. I cannot get it to cooperate with the router. I need to get it set up so I can access it from home but the server cannot even get the correct name or setup from the router. Says Router Unknown.
I can get to the wireless AP after I understand some of the issues understood with the main router. For now I need an idea of how to set up the main router then I can get to figuring out the AP.
Any help offered will be accepted and appreciated and you will have a friend for life. In the case you already have too many friends, you will have a silent stalker for life. Thank you.
↧
Zywall USG 100 VPN Settings and What VPN Client Software to use?
Hello,
I just ran the VPN Wizard on my Zywall USG 100 and would like to test out the VPN connection to see if it works are all.
I'm pretty new to all this networking stuff so I have really now idea if this is set up correctly. My old router allowed uses to authenticate to the router with a username/password. It seems the USG 100 uses a pre shared key?
Is there a specific VPN client I need to use? Are there any free ones?
Anything I probably forgot to enable/disable after running the VPN Wizard?
Thanks for any help!
↧
Got Zywall site-to-site VPN working, can ping all IP address but one?
Got my site-to-site VPN working, however, I am trying to ping a local IP address on one of the VPN sites. I can't ping .130 but I can ping .131,.132.133 ect. I can ping .130 on the local end just fine, just not through the VPN
↧
Out with the old ... so what's new?
Finally retiring the trusty old Zywall 2+ (for real this time) ;) and I need to know what to get. I'm thinking of a USG20. That seems to be the newest comparable thing to what I am replacing. A trusted adviser (and friend) here said I should post here to get some thoughts from the Zyxel brain trust.
So my questions are:
1. Is the USG20 the thing?
2. I head that there is going to be a USG40 that is better. True?
3. If so should I wait for that or is it already out?
4. Will it be a lot more money than the USG20?
↧
↧
zywall USG 200 intra-zone blocking on lan
Hi i have a big problem with Zywall USG 200.
In most case thw zywal block packet with this log for same IP of my lan: 97
2014-08-27 11:47:44
notice
Firewall
intra-zone blocking on WAN, REJECT
192.168.1.102:50337
173.194.116.6:443
ACCESS BLOCK
and block navigation or error.
My configuration is standard (LAN->ZYWALL->ROUTER INTERNET)
This error is not for every IP of my lan but for someone...
thanks a lot for help...
↧
myZyxel - just upgraded 3.00 to 3.30 firmware
ok I belatedly upgraded my USG-50 from 3.00 firmware to the latest 3.3. Mostly smooth process, but seeing "If you want to register myzyxel.com, please go to portal.myzyxel.com." on Configuration > Licensing > Registration web management page. And Configuration > Licensing > Service pages shows Unlicensed.
OK, so I go to www.myzyxel.com and see there are two portals, the original and the 2.0. The original still works, I log in and see my USG-50. But the 2.0 site doesn't recognize me or my email address. Do I need to register again? If I register on 2.0 site, will Configuration > Licensing > Registration and Service pages stop acting like I haven't registered?
↧
Is the USG110 enough for this setup?
Hi All,
I posted the questions below in the Networking subforum, but I also need to know if my product selection is appropriate... I have chosen the ZyWall USG110 for this setup based on my past experience using a number of different ZyWalls (50, 100, 300, etc).
My most pressing question is whether the USG110 is enough, or if I should step up to the USG210? The hotspot may have up to 30 people browsing the internet (this is a coffee shop). I would port block most to prevent high usage/torrents/etc, and may limit the bandwidth on this port. See below for details.
Thanks very much....
-------
I'm setting up a fairly basic network, but wanted to verify some assumptions I've made and make sure that I'm not making any flagrant mistakes. This is not my primary area of expertise and I know enough to get myself into trouble...
I'm setting up a new retail store of ours. The basic setup is a router/firewall (ZyWall USG110) and two unmanaged switches (one 24 port switch and one 16 port PoE switch).
The store's computers and equipment will be connected to the 24 port switch (possibly ZyXEL GS 1100-24 or HP ProCurve J9561A). The store's IP-based PoE security cameras (Axis M3004-V) will be connected to the 16 port PoE switch (possibly ZyWall ES1100-16P). These cameras will be recording their data to onboard 64GB microSD cards mostly.
Also on the 16 port PoE switch will be a simple desktop. This desktop will be used to display a live streaming view of the cameras and to interact with them/download video if need be. 8 cameras plus 1 computer and one connection to the router will leave 6 ports unused.
My assumption was to configure the router/ZyWall such that LAN1 uses subnet 192.168.A.XXX which will be used for the store computers equipment. LAN2 would be configured as 192.168.B.XXX which will be used for the IP cameras and the lone desktop. A third subnet on LAN3 may be DMZ'd and configured for a store wifi hotspot. All of these configurations are done on the router. The switches are unmanaged and the only configuration i would be doing is assigning the switch's IP address to the appropriate subnet.
Is configuring the router with these subnets all I need to do to in order to streamline data movement and prevent all the video packets from interacting with the store/equipment data? No data needs to go between the two subnets. The video desktop has a direct keyboard/mouse/monitor connection. It does need to be accessible remotely from the internet.
Is using unmanaged switches appropriate? Would you do things differently? Am I better off using a single 24-port PoE (decently more expensive) if I can get all my devices to fit on just the 24 ports as opposed to separating the two switches (which is possible, but leaves me with almost no unused ports)? Anything else?
Thanks for the help.
↧